[[Category:FIXME|This is the text from the old template. This needs to be rewritten using the new template.]]

==Description==

The storage of passwords in a recoverable format makes them subject to password reuse attacks by malicious users. If a system administrator can recover the password directly, or can find it by a brute-force search over the stored information available to him, he can use the password on other accounts.

'''Consequences'''

* Confidentiality: Users' passwords may be revealed.
* Authentication: Revealed passwords may be reused elsewhere to impersonate the users in question.

'''Exposure period'''

* Design: The method of password storage and use is often decided at design time.
* Implementation: In some cases, the choice of algorithms for password encryption or hashing may be left to the implementers.

'''Platform'''

* Languages: All
* Operating platforms: All

'''Required resources'''

Access to read stored password hashes

'''Severity'''

Medium to High

'''Likelihood of exploit'''

Very High

==Avoidance and mitigation==

The use of recoverable passwords significantly increases the chance that passwords will be used maliciously. Recoverable encrypted passwords provide no significant benefit over plain-text passwords, since they are subject to reuse not only by external attackers but also by malicious insiders.
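As an added illustration (not code from the original page), the recoverable pattern the text warns about next to a one-way alternative; the XOR keystream and the `SITE_KEY` constant are constructed stand-ins for any reversible scheme whose key the application holds:

```python
import hashlib
import hmac
import os

# Constructed demo key for the weak scheme. Any reversible cipher keyed by a
# secret the application holds has the same defect, however strong the cipher:
# whoever reads the records and the key gets every password back.
SITE_KEY = b"\x5a\xa5" * 16


def _xor_with_key(data: bytes) -> bytes:
    """Toy reversible transform standing in for 'encrypted' password storage."""
    return bytes(b ^ SITE_KEY[i % len(SITE_KEY)] for i, b in enumerate(data))


def store_recoverable(password: str) -> bytes:
    """Weak: the stored record can be turned back into the password."""
    return _xor_with_key(password.encode("utf-8"))


def recover(record: bytes) -> str:
    """What an insider with read access to the records and the key can do."""
    return _xor_with_key(record).decode("utf-8")


def store_hashed(password: str, rounds: int = 100_000) -> dict:
    """Mitigated: salted, iterated one-way digest; the record never yields the password."""
    salt = os.urandom(16)  # per-user salt defeats precomputed tables
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, rounds)
    return {"salt": salt, "rounds": rounds, "digest": digest}


def verify(password: str, record: dict) -> bool:
    """Recompute the digest for a login attempt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), record["salt"], record["rounds"]
    )
    return hmac.compare_digest(candidate, record["digest"])


if __name__ == "__main__":
    weak = store_recoverable("correct horse")
    print("recovered from weak record:", recover(weak))
    rec = store_hashed("correct horse")
    print("verify right password:", verify("correct horse", rec))
    print("verify wrong password:", verify("correct hors", rec))
```

With the hashed form the only path left to an insider or attacker is a guess-by-guess search paying `rounds` iterations per candidate, which is the cost the iteration count exists to impose.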